GNU FSF: JShelter Privacy Extension to Block JavaScript Fingerprinting, Tracking, and Malware

[grarpamp]

https://www.fsf.org/news/fsf-announces-jshelter-browser-add-on-to-combat-threats-from-nonfree-javascript
https://jshelter.org/
https://github.com/polcak/jsrestrictor
https://addons.mozilla.org/cs/firefox/addon/javascript-restrictor/

https://graz.pure.elsevier.com/de/publications/javascript-zero-real-javascript-and-zero-side-channel-attacks
https://arxiv.org/pdf/1905.01051
https://www.forcepoint.com/sites/default/files/resources/files/report-attacking-internal-network-en_0.pdf
https://research.fb.com/wp-content/uploads/2016/11/self-censorship-on-facebook.pdf
https://developer.mozilla.org/en-US/docs/Web/API/GeolocationCoordinates/accuracy

https://www.fsf.org/blogs/community/gnu-librejs-new-and-improved
https://www.gnu.org/licenses/javascript-labels.html


What is JShelter?

JShelter is a browser extension to give back control over what your
browser is doing. A JavaScript-enabled web page can access much of the
browser's functionality, with little control over this process
available to the user: malicious websites can uniquely identify you
through fingerprinting and use other tactics for tracking your
activity. JShelter aims to improve the privacy and security of your
web browsing.

How does it work?

Like a firewall that controls network connections, JShelter controls
the APIs provided by the browser, restricting the data that they
gather and send out to websites. JShelter adds a safety layer that
allows the user to choose if a certain action should be forbidden on a
site, or if it should be allowed with restrictions, such as reducing
the precision of geolocation to the city area. This layer can also aid
as a countermeasure against attacks targeting the browser, operating
system or hardware.

The development of this extension is influenced by the paper
JavaScript Zero: Real JavaScript and Zero Side-Channel Attacks